6.18-stable review patch. If anyone has any objections, please let me know.
------------------
From: Zilin Guan zilin@seu.edu.cn
[ Upstream commit cb6d5aa9c0f10074f1ad056c3e2278ad2cc7ec8d ]
In smb3_reconfigure(), if smb3_sync_session_ctx_passwords() fails, the function returns immediately without freeing and erasing the newly allocated new_password and new_password2. This causes both a memory leak and a potential information leak.
Fix this by calling kfree_sensitive() on both password buffers before returning in this error case.
Fixes: 0f0e357902957 ("cifs: during remount, make sure passwords are in sync") Signed-off-by: Zilin Guan zilin@seu.edu.cn Reviewed-by: ChenXiaoSong chenxiaosong@kylinos.cn Signed-off-by: Steve French stfrench@microsoft.com Signed-off-by: Sasha Levin sashal@kernel.org --- fs/smb/client/fs_context.c | 2 ++ 1 file changed, 2 insertions(+)
diff --git a/fs/smb/client/fs_context.c b/fs/smb/client/fs_context.c index 2a0d8b87bd8e..d8bd3cdc535d 100644 --- a/fs/smb/client/fs_context.c +++ b/fs/smb/client/fs_context.c @@ -1080,6 +1080,8 @@ static int smb3_reconfigure(struct fs_context *fc) rc = smb3_sync_session_ctx_passwords(cifs_sb, ses); if (rc) { mutex_unlock(&ses->session_mutex); + kfree_sensitive(new_password); + kfree_sensitive(new_password2); return rc; }